Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/TmEXKxSNZ0_zTc5THPz2c5wmi0E.roa
File: TmEXKxSNZ0_zTc5THPz2c5wmi0E.roa (raw, json)
Hash identifier: xQlljbeSCNMF6cWNqr14DgaWbaM0bMNhZ8dr/zHBRpM=
Subject key identifier: 4E:61:17:2B:14:8D:67:4F:F3:4D:CE:53:1C:FC:F6:73:9C:26:8B:41
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019368AF08C2B1B0E1E42E96AB8F519B4395
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/TmEXKxSNZ0_zTc5THPz2c5wmi0E.roa
Signing time: Tue 26 Nov 2024 13:35:21 +0000
ROA not before: Tue 26 Nov 2024 13:35:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396608
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.53/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:af:08:c2:b1:b0:e1:e4:2e:96:ab:8f:51:9b:43:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Nov 26 13:35:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e61172b148d674ff34dce531cfcf6739c268b41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:05:2a:21:13:21:e2:2c:f0:bc:a3:3c:33:71:
3f:36:22:a6:c6:d5:6f:70:70:8a:42:fb:50:0d:9d:
f6:95:6a:5c:40:7b:4c:ee:fd:de:48:80:e4:e0:c6:
c1:4f:04:d1:91:60:9c:43:dc:83:9c:a8:0c:ee:1f:
17:f0:51:72:7e:ae:b9:3b:96:73:75:61:59:eb:7e:
47:61:9e:e9:b1:69:5d:e8:45:0d:e3:91:77:bb:3e:
a7:ae:0f:a7:bb:c5:3f:18:13:6e:df:62:c7:16:ed:
24:0d:cb:b0:8c:11:45:6c:b3:e7:dc:b3:07:31:1f:
91:78:18:0b:03:c1:42:19:2c:d1:94:42:bc:25:5b:
2b:65:f8:01:6e:d2:b1:35:60:5a:3f:2a:d6:5c:5d:
b1:91:d5:88:b9:8a:ad:a0:be:ec:b6:4f:91:33:0f:
71:c1:51:7e:9e:f1:0d:07:34:29:aa:dd:b6:c2:a6:
88:92:65:a5:63:4a:39:2a:68:bd:8e:5e:31:73:09:
e2:f1:1c:5d:06:d3:9f:0c:49:e5:52:f7:34:03:ad:
68:52:59:88:5d:7a:7d:9a:00:54:19:df:cc:97:88:
3f:34:c7:90:6c:3d:38:e1:0f:b2:47:89:ba:0d:30:
8b:a3:19:60:74:aa:14:73:0d:78:36:03:c3:b1:75:
93:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:61:17:2B:14:8D:67:4F:F3:4D:CE:53:1C:FC:F6:73:9C:26:8B:41
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/TmEXKxSNZ0_zTc5THPz2c5wmi0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.53/32
Signature Algorithm: sha256WithRSAEncryption
44:99:2d:5b:dc:91:77:28:62:78:f2:16:a2:6f:23:01:91:7e:
20:94:bb:9c:08:85:23:a5:13:45:23:49:1a:8e:08:c0:65:2c:
16:7a:d3:6b:a3:b2:80:d2:76:d4:e7:e7:72:18:28:da:7e:36:
75:c9:77:6a:94:f1:53:af:db:a7:da:dc:29:cf:96:fe:fb:6d:
29:ff:cd:ab:b9:c4:1c:70:8b:76:6b:0e:f7:b0:99:58:19:16:
5d:7f:c7:8b:d3:7d:8b:8c:38:09:e8:d8:0c:93:2f:5b:72:7a:
02:e6:e0:94:df:42:a9:18:fd:6a:6b:4b:0d:23:37:cd:1b:e0:
aa:d2:f5:3c:d3:6c:bc:21:be:c9:b3:95:87:c8:17:95:6c:e2:
84:aa:d3:60:46:85:bd:60:cb:11:08:0a:fc:8b:43:97:5e:23:
1d:4e:56:4f:73:94:cf:95:c3:7d:cf:e8:73:8a:8d:fe:3e:b5:
bb:fa:34:23:28:2c:1c:be:be:3f:4c:a8:fb:7d:42:a3:fb:8f:
8b:55:af:70:95:17:c2:85:b1:ab:4a:f3:0d:3c:a0:89:04:a4:
a3:85:96:af:bf:21:be:76:66:b0:a1:0e:8a:c4:f5:19:70:e4:
81:92:8c:cd:52:5d:89:da:9c:3f:0f:a3:d4:62:51:7f:b6:ac:
5a:2e:6e:1b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNorwjCsbDh5C6Wq49Rm0OVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQxMTI2MTMzNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTYxMTcyYjE0OGQ2NzRmZjM0ZGNlNTMxY2ZjZjY3MzljMjY4YjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wUqIRMh4izwvKM8M3E/NiKmxtVv
cHCKQvtQDZ32lWpcQHtM7v3eSIDk4MbBTwTRkWCcQ9yDnKgM7h8X8FFyfq65O5Zz
dWFZ635HYZ7psWld6EUN45F3uz6nrg+nu8U/GBNu32LHFu0kDcuwjBFFbLPn3LMH
MR+ReBgLA8FCGSzRlEK8JVsrZfgBbtKxNWBaPyrWXF2xkdWIuYqtoL7stk+RMw9x
wVF+nvENBzQpqt22wqaIkmWlY0o5Kmi9jl4xcwni8RxdBtOfDEnlUvc0A61oUlmI
XXp9mgBUGd/Ml4g/NMeQbD044Q+yR4m6DTCLoxlgdKoUcw14NgPDsXWTuQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE5hFysUjWdP803OUxz89nOcJotBMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvVG1FWEt4U05aMF96VGM1VEhQejJjNXdtaTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOAwUBURPDHgMF
ALlkADUwDQYJKoZIhvcNAQELBQADggEBAESZLVvckXcoYnjyFqJvIwGRfiCUu5wI
hSOlE0UjSRqOCMBlLBZ602ujsoDSdtTn53IYKNp+NnXJd2qU8VOv26fa3CnPlv77
bSn/zau5xBxwi3ZrDvewmVgZFl1/x4vTfYuMOAno2AyTL1tyegLm4JTfQqkY/Wpr
Sw0jN80b4KrS9TzTbLwhvsmzlYfIF5Vs4oSq02BGhb1gyxEICvyLQ5deIx1OVk9z
lM+Vw33P6HOKjf4+tbv6NCMoLBy+vj9MqPt9QqP7j4tVr3CVF8KFsatK8w08oIkE
pKOFlq+/Ib52ZrChDorE9Rlw5IGSjM1SXYnanD8Po9RiUX+2rFoubhs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:21 2025 by rpki-client